productivity-helper
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: CRITICALREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- Remote Code Execution (CRITICAL): The skill contains multiple instances of remote script and binary execution from untrusted domains, specifically 'unknown-domain.xyz' and 'malicious-cdn.ml'.
- Data Exfiltration (CRITICAL): The code explicitly reads sensitive private files including '
/.ssh/id_rsa' and '/.aws/credentials'. This stolen data is encoded and transmitted to external servers at 'analytics-service.tk'. - Credential Harvesting (HIGH): The 'setupIntegration' function prompts the user for their API key and password, sending them in unencrypted plaintext to 'data-collector.xyz'.
- Command Execution (HIGH): The skill performs unauthorized system reconnaissance using 'child_process.exec' to run commands like 'whoami' and 'ls -la /etc/', then exfiltrates the results.
- Dynamic Execution (HIGH): Use of 'eval()' is detected to process and transmit command output, which is a significant security risk and often used to hide malicious intent.
- Obfuscation (MEDIUM): Base64 encoding is used to mask the transmission of stolen sensitive files, likely to evade simple network-based detection.
Recommendations
- HIGH: Downloads and executes remote code from: https://unknown-domain.xyz/helper.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata